Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1213
Views
0
Helpful
2
Replies

Filtering DHCP by relay agent forwarding IP address

Bela Mareczky
Level 1
Level 1

‎09-27-2010 07:37 AM - edited ‎03-06-2019 01:12 PM

Dear Community!

I would like to create a "filtered DHCP pool", which can assign an IP address regarding relay agent forwarding IP address. So, two remote router has an ip-helper-address configured pointing to the DHCP server router interface.

  • If a DHCP request arrives from remote router #A, we should accept DHCP request and assign an IP address to the remote host.
  • If a DHCP request arrives from another forwarder IP address, the DHCP should reject the request.

Could anyone help me configuring this DHCP server "filtering"?

Thanks and Best Regards,

Belabacsi

Labels:
0 Helpful
2 Replies 2

jonathanaxford
Level 3
Level 3

‎09-27-2010 10:19 AM

Hi Bela,

Could this be accomplished with an Access Control List on one of the routers?

On the router interface that connects to the DHCP server you could create an inbound access list that drops all traffic originating from the ip helper-address interface IP destined to the DHCP server IP on port 67, that way, no requests from that remote router will get to the DHCP server.

Quick question though, do both the remote sites have the same IP Subnet? If they don't, then you only need to create a DHCP scope for the subnet that you wish to address and then the other one will just be ignored,

Hope this helps,

Jonathan

0 Helpful

Bela Mareczky
Level 1
Level 1
In response to jonathanaxford

‎09-28-2010 07:22 AM

Dear Jonathan!

Thanks for Your answer, unfortunately the problem is more complex. I have created a Visio drawing illustrating the topology. We have only one router for serving IP addresses for these different voice subnets. Because we use L3 in access layer, one DHCP pool is not enough for both subnet. We need to configure another DHCP pool for floor #5 in order to serve IP addresses for IP phones but not for desktop PCs. The DHCP pool has a filter, which permits only Cisco phones.

I have made a WireShark dump, which contains the DHCP discover packet. This packet has a header field named "relay agent forwarding IP address"

Could You suggest a method to "filter" DHCP pool regarding this header field? Is it possible to serve a DHCP client with IP address  regarding which IP helper address forwards the request?

Thanks and BR

Belabacsi

72684-DHCP.vsd.zip
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card